Often, log files, especially system logs such as syslog or journald, have heightened read-permissions blocking the Datadog Agent log collection as it does not have sudo or admin access.

There are three potential solutions to get around this:

• (Not Recommended) Give the Agent root access so it can tail those files. Datadog strongly recommends against going this route.
• Change the file permission to let the Agent access it. The Agent needs execute and read permissions on the directories and also read permission on the file. Run the following commands to provide those permissions (for any user, not just the Agent):
  • chmod 755 <folder name>
  • chmod 644 <file name>
• Configure an open source log shipper (such as Rsyslog, NXLog, …) that has root access to send those logs either directly to your Datadog platform or locally to a running Datadog Agent. For instructions, read the dedicated documentation for Rsyslog, Syslog-ng, NXlog, FluentD, or Logstash.

Additional helpful documentation, links, and articles:

Learn how to collect your logsDOCUMENTATION Learn how to explore your logsDOCUMENTATION Glossary entry for "tail"GLOSSARY